Dropbox is one of the most popular online cloud storage provider. Last time the cloud service was a victim of hacking, it started offering two-factor authorization, also known as 2-step verification for better security. Late Monday, an anonymous person posted a series of posts on Pastebin, claiming to have in possession nearly seven million Dropbox accounts including passwords. To be exact, the poster claimed to have 6,937,081 of compromised Dropbox account credentials. As a proof, that hacker(s) posted Pastebin files with a few hundred username and password pairs as “teases”. The alleged hacker(s) also asked for Bitcoins if anyone wants to get the full data.

The text files uploaded at Pastebin annotated with the following message at the top of the files.

Here is another batch of Hacked Dropbox accounts from the massive hack of 7,000,000 accounts
To see plenty more, just search on for the term Dropbox hack.

More to come, keep showing your support

After a thread at Reddit about the alleged data breach emerged, it was quickly covered by many popular websites. At that thread, some Reddit users claimed that some Dropbox account credentials are working.

In response to the claims, Dropbox through its official blog claimed that Dropbox was not hacked. It also conveyed the same message to its users through some sources.

Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.

Was my Dropbox account compromised?

If you have a habit of using the same username and password across all web apps or services that you use, you are already in trouble. The recent high-profile website hacks has proved this fact. In fact, Dropbox has claimed that the Dropbox accounts that were compromised were actually stolen from other services. Which again proves that you should never ever use same credentials across different services. You should never reuse your passwords.

Dropbox itself is not hacked, may be your Dropbox account is not in the leaked data but it is recommended that you change your Dropbox password as soon as possible. To further secure your Dropbox account, enable two-factor authentication. Two-factor authentication will prevent unwanted logins or future hack attacks. Try to use a good password manager like LastPass, Dashlane, Sticky Password, 1Password or KeePass.